In the human-to-computer interactive terminal environment, it is often desirable to ascertain, with some measure of accuracy, that a customer using a remote terminal is actually who he represents himself to be. Identification cards and credit cards have been used for this purpose for some time; however, theft of the identification card makes this method of identification verification inaccurate. In order to verify the identity of a person presenting an identification card, many exotic techniques including fingerprint, voice print, signature, facial feature, and even human body acoustic transfer function analysis have been suggested.
A most popular method involves requiring that a prospective identification card user provide a memorized personal identification number (PIN) in addition to the identification card as proof of identity. If the PIN is to be verified in the terminal, the PIN may be algorithmically related to another number such as a bank account number or driver's license number stored on a magnetic stripe on the identification card. Or, the PIN may be encrypted in some manner and stored on the magnetic stripe on each card. If sufficient storage is available in the terminal, a table may be provided so that the PIN may be mathematically unrelated to the number on the identification card, thereby making determination of the PIN from the card impossible. When the terminal has inadequate memory size to contain a table having an entry for every account number, for example at a cash dispensing terminal, and if the PIN is not encrypted on the card, it will be necessary to transmit the account number from the card and the PIN entered by the customer to a host computer for verification. To defeat attempts to learn the PIN associated with an account number by monitoring the communication line or by gaining access to the verification process in the host computer, various encryption schemes have been suggested.
For example, a cash issuing terminal may have logic hardware or a microprogram to operate as defined by the following steps:
1. A customer wishing to use the terminal inserts his credit card having magnetically encoded account number and other identifying information in accordance with the American Bankers Association (ABA) standard. The customer then enters the personal identification number (PIN) and other transaction information such as the amount of cash requested through the keyboard.
2. The terminal logic encrypts the account number using a first encryption key A and an algorithm such as the National Bureau of Standards (NBS) algorithm to obtain a result which is compared with the PIN. The NBS Data Encryption Standard algorithm was published Friday, Aug. 1, 1975 at page 32395 of the Federal Register Vol. 40, No. 149. Absence of a predetermined correspondence results in the card being selectively returned to the customer or retained in the terminal.
3. If correspondence is found, the PIN is encrypted using a bank encryption key B, which may be the same as the first encryption key A. The encrypted PIN is combined with time variable information such as a sequential transaction number or cash counters in the terminal to prevent repetitive transmission of identical information fields, and is then encrypted again using transmission key C, and is transmitted (considered to be double encryption) as a message to a host computer.
4. Upon receipt of the message at the host computer, customer-written application programs cause the message to be decrypted using the transmission key C, and the encrypted PIN is compared with the encrypted PIN stored in the host computer data base for the account number against which the transaction is to be processed. Credit limits and other account status information may be checked as well.
5. If the encrypted PIN compares with the encrypted PIN stored for the account against which the transaction is to be processed, and the status of the account is in order, a reply message, including time variable data such as the cash count received from the terminal, transaction authorization, display messages, etc., is encrypted with the transmission key C and sent to the cash issuing terminal.
6. Upon receipt at the cash issuing terminal, the reply message is decrypted using the transmission key C and the time variable data is compared with the time variable data field of the inquiry message to ensure against error. If the message is correct, the terminal executes the commanded action such as issue cash or display a message.
7. The terminal then generates a status message to inform the host computer of the execution or cancellation of the transaction and of any error conditions at the terminal.
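As an added illustration of steps 3 through 6 above (example code, not taken from the patent or any bank's implementation), the terminal-to-host exchange in Go using single DES, the NBS algorithm the text names, applied block by block to 8-byte fields. The keys, the sample PIN, the transaction counter and the "AUTHORIZ" reply token are constructed placeholders, and the step 2 local check against key A is left out.

```go
package main

import (
	"crypto/des"
	"crypto/subtle"
	"encoding/binary"
	"errors"
)

// Constructed placeholder single-DES keys; real bank keys would never be literals.
var keyB = []byte("BANKKEYB") // bank key B: hides the PIN in the host data base
var keyC = []byte("XMITKEYC") // transmission key C: hides each message on the link
// desECB applies single DES block by block; len(in) must be a multiple of 8.
func desECB(key, in []byte, decrypt bool) []byte {
	c, _ := des.NewCipher(key) // error only for a non-8-byte key; ours are fixed
	out := make([]byte, len(in))
	for i := 0; i < len(in); i += 8 {
		if decrypt {
			c.Decrypt(out[i:i+8], in[i:i+8])
		} else {
			c.Encrypt(out[i:i+8], in[i:i+8])
		}
	}
	return out
}
// EncryptPIN pads the keyed-in PIN to one block and encrypts it under bank key B.
func EncryptPIN(pin string) []byte {
	blk := make([]byte, 8)
	copy(blk, pin)
	return desECB(keyB, blk, false)
}
// BuildInquiry is the terminal side of step 3: E_C(E_B(PIN) || transaction counter).
func BuildInquiry(pin string, txn uint64) []byte {
	body := append(EncryptPIN(pin), make([]byte, 8)...)
	binary.BigEndian.PutUint64(body[8:], txn)
	return desECB(keyC, body, false)
}
// HostVerify covers steps 4 and 5: strip key C, compare E_B(PIN) with the stored value in constant time, echo the counter under key C. The host never sees the PIN itself.
func HostVerify(msg, storedEncPIN []byte) ([]byte, error) {
	body := desECB(keyC, msg, true)
	if subtle.ConstantTimeCompare(body[:8], storedEncPIN) != 1 {
		return nil, errors.New("encrypted PIN mismatch")
	}
	return desECB(keyC, append([]byte("AUTHORIZ"), body[8:]...), false), nil
}
// TerminalCheckReply is step 6: the echoed counter must match this transaction's.
func TerminalCheckReply(reply []byte, txn uint64) bool {
	body := desECB(keyC, reply, true)
	return string(body[:8]) == "AUTHORIZ" && binary.BigEndian.Uint64(body[8:]) == txn
}
```

Because the host compares E_B(PIN) values, a compromise of the host data base alone yields nothing without key B, which is exactly the single level of protection the text says the data base relies on.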
The example prior art method of operation described above uses two levels of encryption and time varying message data content to hide the PIN and account number from persons monitoring the communication link and one level of encryption to hide the PIN for each account number in the host data base.
In the interchange environment, when the cash issuing terminal may be of a different manufacture and operated by a different bank, the card issuing bank will have to share knowledge of the transmission key C with the operating bank in order to allow the computers of these different banks to communicate. The PIN will then be protected by only one level of encryption and may not be protected by time varying message data content during transmission. The PIN may not be protected at all at the host computer after decryption using the shared transmission key C unless the bank key B is also shared so that the PIN can be transmitted in double encrypted form. Furthermore, if the bank key B is ever compromised, the entire data base of account number/PIN relationships will be available to the unscrupulous at the host computer data base and may be collected by tabular attack from the transmission link.
All known prior art has full Account No./PIN relationship information either on the card, or in the computer. U.S. Pat. Nos. 3,662,342 and 3,655,162 teach a changing key and scrambled or encrypted information on the card for comparison with a PIN but both require that all information necessary for correlation of account number and PIN be recorded on the card where it is vulnerable.
U.S. Pat. No. 3,697,729 uses a random pattern of spots, also on the card.
U.S. Pat. Nos. 3,543,904, 3,401,830, and other patents show various encrypting schemes for hiding the account number/PIN relationship stored on the card.
U.S. Pat. No. 3,648,020 teaches transmitting the PIN to the central data base for comparison.